Download presentation
Presentation is loading. Please wait.
Published bySteven Sharp Modified over 8 years ago
1
TC176/IAF ISO 9001:2000 Auditing Practices Group
2
The ISO 9000 Advisory Group identified auditor competence as a critical issue when ensuring the credibility of ISO 9001:2000 certification. Auditing Practices Group established in February 2003.
3
Participants Experts nominated by:- IAF (CRBs, ABs, Industry) ISO TC/176(WG Int, SC1, SC2, SC3) ISO CASCO IATCA
4
Aims of the Group 1.Development of examples of good auditing practices related to requirements of ISO9001: 2000 and guidelines of ISO19011: 2002 2.Development of a website where papers and examples of auditing practice against the requirements of ISO 9001:2000 are posted and available to the public without charge. 3.The information provided by the Group does not constitute IAF or ISO endorsed benchmarks or interpretations of the preferred way conformance to ISO 9001:2000 is audited. APG-Introduction.doc
5
Topics The need for a 2-stage approach to auditing Measuring QMS effectiveness and improvements Identification of processes Understanding the process approach Determination of the “where appropriate” processes Auditing the “where appropriate” requirements Demonstrating conformity to the standard Linking an audit of a particular task, activity or process to the overall system Auditing continual improvement
6
Topics Auditing a QMS which has minimum documentation How to audit top management processes The role and value of the audit checklist Scope of ISO 9001:2000, scope of quality management system and defining scope of certification How to add value during the audit process Auditing competence of personnel and the effectiveness of actions taken Auditing statutory and regulatory requirements
7
Topics Auditing quality policy and quality objectives Auditing the control of monitoring and measuring devices Effective use of ISO 19011:2002 Auditing customer feedback processes Documenting a nonconformity Reviewing and closing a nonconformity Auditing preventive action
8
The need for a 2 stage approach to auditing Auditing to ISO 9001:2000 requires a good understanding of the business and QMS The primary purpose of the 1 st stage audit Activities performed during the 1 st stage audit APG-2stage.doc
9
Measuring QMS effectiveness and improvements (Open presentation)
10
Identification of Processes Can the auditee distinguish between processes and activities? Be able to adapt to the auditee’s situation Determine if there is a problem with difference in terminology Determine if there is a real lack of implementation of the process approach APG-IdentifyProcesses.doc
11
Understanding the process approach (1) The Auditor should realise several steps are needed Determine the processes and responsibilities needed to attain objectives Determine and provide adequate resources and information Establish and apply methods to monitor and analyse processes Establish and apply a process for continual improvement
12
The Auditor also needs to:- Be aware that application of the process approach will be different from organization to organization Understand the process approach to a level beyond the terminology of the standard Consider small & medium enterprises who may not need many processes Ensure that misunderstandings are identified and resolved during the 1 st stage audit Understanding the process approach (2)
13
The Auditee needs to consider:- Establishment of process objectives Process planning Availability of suitable records Redefinition of processes during the 1 st stage audit can identify activities incorrectly described as processes APG-UnderstandProcessApproach.doc Understanding the process approach (3)
14
Terminology Definition of process Exclusions APG-DetermineWhereAppropriate.doc Determination of the “where appropriate” processes
15
Auditing “where appropriate” requirements (1) Determine the application of ISO 9001:2000 Ensure “where appropriate” requirements are appropriate Does the requirement add value? Does it increase the risk of not meeting customer requirements?
16
Need for experience to make a judgement on a technical issue Sector knowledge Competence Auditing skills Knowledge of the processes Objective evidence APG-AuditWhereAppropriate.doc Auditing “where appropriate” requirements (2)
17
Demonstrating conformity to the standard Auditing processes versus auditing to the standard's clauses Audit checklists may not be sufficient What is adequate sampling? APG-DemonstrateConformity.doc
18
Overall direction of the audit Interaction of processes Importance of processes Take samples APG-AuditofTasktoSystem.doc Linking an audit of a particular task, activity or process to the overall system
19
How much improvement is “enough”? What sort of information is relevant and where can we find it? Improvement of the process or improvement of the QMS? APG-AuditContinualImprovement.doc Auditing continual improvement
20
Auditing a QMS which has minimum documentation The necessity for any documentation should be evaluated in the light of: the observed need for consistency the role that any documentation could play in avoiding any significant, identified risks. APG-MinDocumentation.doc
21
Identifying top management processes Conducting the audit Audit reporting APG-AuditTopManagement.doc How to audit top management processes
22
Need for checklists The use of audit checklists Advantages Disadvantages Conclusion APG-Checklist.doc The role and value of the audit checklist
23
ISO 9001:2000 clause 1 Scope defines the scope of the standard, not to be confused with QMS scope The scope of a QMS should be based on the: –nature of products and realization processes –result of risk assessment –commercial considerations –contractual, statutory and regulatory requirements –ISO 9001:2000 clause 1.2 Application Scope of registration/certification APG-Scope.doc Scope of ISO 9001:2000, Scope of Quality Management System (QMS) and Defining Scope of Certification
24
How to add value during the audit process (1) “Value-added” quality management systems Value-added auditing
25
How to add value during the audit process (2) Some tips for Value-added auditing Audit planning Audit technique Analysis and decision Report and follow-up APG-HowtoAddValue.doc
26
An organization will need to: Identify what competencies are required Identify which personnel already are competent Decide what additional competencies are required Decide how these are to be obtained Train, hire or reassign personnel review competence of personnel Auditing 'competence' and 'effectiveness of actions taken' (1)
27
Auditing 'competence' and 'effectiveness of actions taken‘ (2) Auditor would seek evidence of: Identification of competencies required Assignment of competent personnel Evaluation of the effectiveness of actions taken Maintenance of competence APG-AuditingCompetence.doc
28
Auditing statutory and regulatory requirements An organization must identify and control the statutory and regulatory requirements applicable to its products (including services). Evidence should be obtained that these requirements are being satisfied APG-StatutoryRegulatory.doc
29
Auditing quality policy and objectives (1) Auditing quality policy Interview top management to verify that the organization’s overall quality objectives have been defined Evaluate commitment and involvement Have management disseminated the policy throughout the organization? Determine awareness among personnel at all levels
30
Auditing quality policy and objectives (2) Auditing quality objectives Verify that the organization’s overall quality objectives have been defined Do they reflect the quality policy ? Are they coherent, aligned and compatible with the overall business objectives, including customer expectations? APG-QualityPolicyandObjectives.doc
31
Auditing the control of monitoring and measuring devices It is important for the auditor to understand the differences between:- “monitoring” and “measurement”, and “equipment” and “devices”. The different sub-clauses of the standard refer to all of these in isolation and together so clause 7.6 should be read carefully. APG-ISO9001Clause7.6.doc
32
Effective use of ISO19011:2002 The standard contains guidance on:- The principles of auditing Managing an audit programme Audit activities Competence and evaluation of auditors APG-EffectiveUseofISO19011.doc
33
Auditing customer feedback processes What are the requirements? What should be addressed when auditing customer feedback processes? –Prior to the audit of the customer feedback process (preparation stage) –During the process assessment APG-CustomerFeedback.doc
34
Documenting a nonconformity What is a nonconformity? Identify and document the audit evidence Determine the requirement Write the statement of nonconformity APG-DocumentNonconformity.doc
35
Reviewing and closing a nonconformity Auditors not only write nonconformities but are also responsible for the review of the response to the nonconformity Correction Determination of cause Corrective action Objective evidence Closing nonconformities APG-ReviewNonconformity2.doc
36
Auditing preventive action How the organization: Determines potential nonconformities & causes Evaluates the need for preventive action Determines action required & how it is implemented Records results of actions taken Reviews preventive actions taken “Philosophical” discussion - auditor and auditee APG-ReviewNonconformity2.doc
37
Copies of the guidance documents referred to in this presentation can be obtained from: www.iaf.nu www.iso.org/tc176/ISO9001AuditingPracticesGroup Comments on the papers or presentations can be sent to the following email address: charles.corrie@bsi-global.com Feedback from users will be used by the ISO 9001 Auditing Practices Group to determine whether additional guidance documents should be developed, or if these current ones should be revised.
38
Disclaimer These papers have not been subject to an endorsement process by the International Organization for Standardization (ISO), ISO Technical Committee 176, or the International Accreditation Forum (IAF). The information contained within them is available for educational and communication purposes. The ISO 9001 Auditing Practices Group does not take responsibility for any errors, omissions or other liabilities that may arise from the provision or subsequent use of such information.
39
TC176/IAF ISO 9001:2000 Auditing Practices Group
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.